Scan Report
5 /100
railsr
Railsr integration for banking and compliance platform API management
Documentation-only skill providing instructions to use the legitimate Membrane CLI for Railsr API integration. No executable code or suspicious patterns detected.
Safe to install
Skill is safe to use. Continue monitoring external URLs for IOC updates.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | N/A - no file operations documented or required |
| Network | READ | READ | ✓ Aligned | SKILL.md: Network access declared for Membrane CLI to communicate with Railsr AP… |
| Shell | NONE | NONE | — | SKILL.md: Shell commands documented are npm/node CLI invocations only, not direc… |
| Environment | NONE | NONE | — | N/A - no environment variable access documented |
| Skill Invoke | NONE | NONE | — | N/A - no skill chaining documented |
| Clipboard | NONE | NONE | — | N/A - no clipboard access documented |
| Browser | NONE | NONE | — | SKILL.md: Browser used only for OAuth flow (user action, not agent control) |
| Database | NONE | NONE | — | N/A - no database access documented |
2 findings
Medium External URL 外部 URL
https://getmembrane.com SKILL.md:7 Medium External URL 外部 URL
https://docs.railsr.com/ SKILL.md:19 File Tree
1 files · 4.3 KB · 124 lines Markdown 1f · 124L
└─
SKILL.md
Markdown
Security Positives
✓ No executable code or scripts present - documentation only
✓ Legitimate service integration with membranehq.com CLI
✓ No credential harvesting - uses OAuth flow managed by Membrane
✓ No obfuscation or base64-encoded payloads
✓ No suspicious network patterns or hardcoded IPs
✓ Clear documentation of intended functionality
✓ MIT license with public repository